Detailed explanation of INI configuration of Shiro

If you have used IOC / di containers such as spring, the INI configuration provided by Shiro is very similar, that is, it can be understood as an IOC / di container, but the difference is that it starts with a root object securitymanager.

Root object securitymanager

As can be seen from the previous Shiro architecture diagram, Shiro performs authentication and authorization from the root object securitymanager; That is, all operations start from it. This object is thread safe and only one real application is needed. Therefore, Shiro provides securityutils to bind it as global for subsequent operations.

Because Shiro's classes are POJOs, they can be easily managed in any IOC container. However, the difference from the general IOC container is that Shiro navigates from the root object securitymanager; Shiro supports dependency injection: creation of public null parameter constructor object and setter dependency injection.

1. Pure java code writing (COM. GitHub. Zhangkaitao. Shiro. Chapter4. Nonconfigurationcreatetest):

2.1. Equivalent ini configuration (Shiro config. INI)

Even without the knowledge of IOC container, the above configuration is easy to understand:

1. Object name = fully qualified class name relative to calling public parameterless constructor to create object 2. Object name Property name = value is equivalent to calling setter method to set constant value 3 and object name Property name = $object reference is equivalent to calling setter method to set object reference

2.2. Java code (COM. GitHub. Zhangkaitao. Shiro. Chapter4. Configurationcreatetest)

The above code obtains the corresponding securitymanager instance from Shiro ini configuration: 1. By default, create a securitymanager with the name of org apache. shiro. mgt. Defaultsecuritymanager is the default securitymanager. If you want to customize it, you only need to specify "securitymanager = securitymanager implementation class" in the INI configuration file. The name must be securitymanager, which is the starting root; 2. Inisecuritymanagerfactory is a factory that creates securitymanager. It requires an ini configuration file path. It supports three path formats: "classpath:" (class path), "file:" (file system), "URL:" (Network). The default is the file system. 3. Then get the securitymanager instance. The subsequent steps are the same as before.

As can be seen from the above, Shiro ini configuration method itself provides a simple IOC / di mechanism to facilitate configuration in the configuration file, but it starts navigation from the root object of securitymanager.

Ini configuration

The INI configuration file is similar to the properties (key = value) in Java, but provides the feature of classifying key / value. The key is that each part is not repeated, rather than the entire configuration file. The following is the INI configuration classification: Java code

[main] section

Provides the configuration of the root object securitymanager and its dependent objects.

create object

Java code

Its constructor must be a public null parameter constructor to create the corresponding instance through reflection.

Constant value setter injection

Java code

Jdbcrealm. Is called automatically Setpermissionslookupenabled (true). For this constant value, automatic type conversion is performed.

Object reference setter injection

Java code

Automatically through securitymanager Setauthenticator (authenticator) injects reference dependencies.

Nested property setter injection

Java code

securityManager. authenticator. authenticationStrategy=$authenticationStrategy

This nested setter injection is also supported.

Inject java code into byte array setter

By default, Base64 is required for encoding, or 0x hex can be used.

Array / set / list setter injection

Java code

Multiple are divided by ",".

Map setter injection

Java code

That is, the format is: Map = key: value, key: value. Constants and reference values can be injected. Constants are regarded as strings (even if there are generic types, they will not be automatically shaped).

Instantiate / inject sequential java code

The latter covers the injection of the front.

For test cases, refer to the configuration file Shiro config main ini。

The [users] section configures the user name / password and its role. The format: "user name = password, role 1, role 2". The role section can be omitted. For example:

Java code

Passwords are generally generated and stored in summary / encryption, which is described in subsequent chapters.

The [roles] section configures the relationship between roles and permissions. The format is: "role = permission 1, permission 2"; For example: Java code

If only roles do not have corresponding permissions, roles can not be configured. Please refer to the authorization chapter for specific rules.

[URLs] section

Configure the relationship between the URL and the corresponding interceptor in the format: "url = interceptor [parameter], interceptor [parameter], such as Java code

The above is the whole content of this article. I hope it will be helpful to your study, and I hope you can support programming tips.